Open Source Software and Linux

File transfer speed is always the name of the game and transferring files onto a faster flash drive is no exception. That’s where the Kanguru e-Flash drive really shines.

The e-Flash drive is unique in that it has a USB connection on one end and an e-SATA connection on the other. In tests the e-SATA transferred a 1 GB file from the flash drive to a notebook hard drive in about 13 seconds and back to the flash drive in about 27 seconds.

The USB was quite a bit slower than the e-SATA side but still fast for a USB flash drive. The same test took about 31 seconds to transfer to the notebook and 61 seconds to send it back. Pretty good for a USB flash drive.

The e-Flash drive comes in 16 Gb and 32 Gb sizes. That’s enough disk space documents, photos and some videos for most people.

The e-Flash kit comes with a bracket to mount the drive to your desktop computer in an expansion slot. A cable is included to plug into your motherboard from the bracket. Extra brackets and cables are available so that you can mount the drive in all of your desktop machines. There is also an ExpressCard available for mounting the drive to your notebook.

All in all a nice package. The e-Flash 32Gb sells for $59.95 and the 64Gb for $119.95. If you’re looking for that extra speed from a flash drive this is definitely the way to go. Read more about this drive on the Kangaru web site.

NASA astronaut Mike Massimino is recording his training for the fifth and final Atlantis mission on Twitter generating a lifetime written document for himself and others.

It’s very possible that your favorite (or the one that you despise the most) government agency twitters. As I wrote in a previous post the GSA has worked out terms and conditions with many new media sites so that government agencies can use them.

How about the head of the U.S. Armed Forces, Navy Adm. Mike Mullen, chairman of the Joint Chiefs of Staff. Want up to the minute news on what these guys are doing? Follow Admiral Mike Mullen for the latest decisions and discussions.

Getting to the state and local level your state legislators may already twiitter. 19 senators and 50 members of the House of Representatives are all using the service to post news. You can find out what members of Congress twitter from here, or two websites that carry all of their postings, the Congressional 140 site and TweetCongress. The last two are volunteer run sites so if you want to step up and help…

Another web site, GovTwit, run by Bearing Point’s Steve Lunceford, tracks people in government agencies who twitter. At last count, 1,060 names are on the list. Bearing Point is a global management and technology consulting company with close ties to the US government.

Over 700 computers were hit by the most recent release of the conficker worm at the University of Utah. Computers included those at the University’s three hospitals.

The worm was first detected on Thursday on some of the school’s computers. By Friday it had hit the school’s computers at the three hospitals, medical school, and colleges of nursing, pharmacy and health.

University officials don’t believe that any patient data or medical records were compromised. According to officials those are protected “in a deeper way”. That begs the question of what exactly does that mean? Is that the only data that is virus protected? Is it on Linux or Unix?

The IT staff at the school shut off internet access for up to 6 hours Friday in an effort to isolate the worm. The staff worked over the weekend to cleanup the damage caused by the outbreak. Kind of gives real meaning to the saying “An ounce of prevention is worth a pound of cure” doesn’t it?

Mindy Tueller of the university’s office of information technology said all faculty and students should take steps to make sure they are protected. The virus does not infect Macs.

Or Linux, Unix or any other OS besides Windows

“It can do a lot of bad things,” Tueller said. “Every university member should be concerned about this if they’re using Windows-based devices.”

Interesting. Ms. Tueller and school officials apparently recognize that the problem is the OS but apparently don’t want to do anything about it. How much does that attitude cost the school?

The General Services Administration (GSA) has worked out it’s legal concerns with Flickr, YouTube, Vimeo, blip.tv and Facebook so that federal agencies can use these forms of new media to interact with US citizens. The GSA initially had some concerns with the general terms and agreements of these sites possibly not meeting liability limits, endorsements and freedom of information that the federal government requires.

“We need to get official information out to sites where people are already visiting and encourage them to interact with their government,” said GSA Acting Administrator Paul Prouty. “The new agreements make it easier for the government to provide official information to citizens via their method of choice.”

The agencies are free to choose which of the sites they will use and what content that they can or will post on those sites. The GSA did not take the contracts to that level. Instead they standardized the terms and agreements with those sites so that the agencies can make the choice of which sites and what content to post. This frees the agencies to use the sites they believe will best get their message out to the American people.

The GSA negotiated on behalf of all agencies to standardize the terms and agreements. All of the sites were reluctant to negotiate separate agreements with the hundreds of different agencies because of the costs and time involved.

“Several federal agencies helped to negotiate these agreements, so it’s hoped that other agencies will find the language acceptable,” said GSA Acting Associate Administrator Martha Dorris.

GSA said it started with Flickr, YouTube, Vimeo and blip.tv because those providers are innovative and have large audiences. However, the agency would like to negotiate agreements with many additional providers.

Agencies are already free to use Twitter because GSA found its standard terms of service compatible with federal use.

If a governments agency is not yet on your favorite social networking site give them some time. The GSA is looking at more sites so that they can expand the offering.

The Marine’s are looking for a few good vendors that want to sell them computers. They will even let you help develop the procurement procedure according to this request for information.

The Marine Corps plans on creating a contract vehicle for procuring desktops, laptops and servers. The plan will include procuring rugged and non-rugged computer in an efficient and cost effective way. The plan is to establish a common set of hardware platforms and the method in which those systems will be procured. Sounds like whoever helps establish the procurement procedure will be selling the Marines some hardware..

Not to be left out of environmental concerns computers must be manufactured and operate in environmentally friendly way. Whoever sells them the computers must also provide an efficient method of returning old and broken equipment.

The Marine Corps will hold an industry day conference to discuss the contract at 9:00 a.m. on April 16. The Marine Corps Systems Command in Quantico, Va., will host the conference at the Jacobs Building, Quantico Center 1, 3850 Fettler Park Drive, Dumfries, Va.

All vendors interested in participating in the conference must notify Judy Campbell at 703-432-5096 or Theresa Minton at 703-432-5104 by 4 p.m. on April 13.

After reading this article I started asking myself if the Operating System really does matter for most users. I finally reached the conclusion that it does. Here’s why.

For my own vote I asked myself if I would switch from Linux to Windows or Mac. After giving this some thought I decided that I would not switch.

First of all I am a firm believer in voting with my wallet. Now while I might be tempted to buy a Mac no such temptation exists with Windows. Quite simply I just do not like Microsoft as a company. Hence I have no desire to use any of their products let alone the way to expensive Windows operating system. I really, really, don’t like having to purchase the associated software that runs on Windows that I have to purchase to get the operating system to do what I want..

I like having the ability to choose which distribution of Linux and the associated open source applications that I like and downloading them via yum, zypper, Yast or what have you. I have a choice without spending a dime. Free as in freedom to choose and free as in beer. I have a choice to support the software that I use, financially or helping in some way with the project. No such choice exists with either Mac or Windows.

The article points out that most users are only concerned with web browsing, writing and generally getting their work done. From purely a corporate standpoint I agree. However I think most users today expect more out of their computers at home.

I believe multimedia is a big one. Whether it’s creating video, listening to mp3s or editing pictures most people at some point are going to do one at least one of the three.

Another point that I agree with in the article is that Windows 7 is not much more than a face lift. Users are told that it will be better than Vista and so they believe that it will. That belief alone will make it better whether or not it really is. (What administrator among us hasn’t faced this dilemma with users who thought something was “slow” and so it was slow – regardless of whether or not it was?)

The big question is this: If what they say is true that all users want to do is browse the web, write documents and generally get their work done why are they not demanding a lower cost from Microsoft or, better yet, demanding Linux from the hardware vendors or downloading and installing it themselves?

I think the operating system does matter on some level to just about everyone. Sure there are users out there that only use email, browse the web and write documents without giving any more thought to the operating system. I don’t however think that they are in the majority.

A cybersecurity bill is before the Senate for approval. The bill, if passed, would impose standards on the public and private sectors and certifications for cybersecurity professionals.

The legislation is aimed streamlining cybersecurity authorities, promoting public awareness and enhanci cybersecurity cooperation between government and industry, The bill would also increase cybersecurity education and research and development efforts.

So far as networks are concerned the bill would give the new national cybersecurity adviser the right to disconnect any network deemed critical to national security or the US infrastructure from the internet. This would only happen if the network is considered at risk for attack.

The senators also called for a public awareness campaign, a review of the laws that apply to cybersecurity and a report on identity management and civil liberties. They would also further involve the private sector in cybersecurity efforts through the establishment of:

* A group that would certify that products purchased by the federal government meet cybersecurity standards.
*
A panel of outside experts to advise the president on cybersecurity.
*
A public-private clearinghouse for information sharing on cyberthreats.
*
State and regional cybersecurity centers to help small and medium-sized businesses.

I suppose it had to happen sooner or later. In the past couple of months I have mentioned several cybersecurity attacks, some successful and other networks at risk, in both the private and public sectors. It is a natural progression of this county’s government to step in when business, organizations, and government branches refuse to police themselves and protect their constituents and customers from harm.

On the brighter side a whole new market is opening up for security professionals and software. This is going to happen at the collegiate level as well as in the development of new security software. If you are looking for a career or career change this is an area that you should investigate.

The conficker worm that infected millions of computers starting last October was believed to be at bay. Not so according to Vincent Weafer, vice president of Symantec’s security response group.

Computers infected with this worm are being updated with a stronger variant. The variant is designed to sidestep security measures attempting to cut the connection between infected machines and it’s hacker controllers. An estimated 20 technology companies, including Microsoft, have joined together to try and counter the stronger variant.

They are attempting to stop the worm by pre-registering domains that they believe the worm will use. According to Symantec and others in the group the worm can register up to 50,000 domain names a day. The domains are used to band together the infected computers and route the worm to other computers for infection.

The new worm is also better at resisting eradication. “It’s turning off a variety of security services,” Weafer said, as well as tools often used by security companies to dig into malware.

Weafer also believe that the number of infected computers has peaked. “The number of infected machines is constantly dropping, so we’re dealing with a much smaller pool [of devices] that are potentially getting this update,” Weafer said.

There is bright side to all of this. Linux users don’t have to worry about this. We don’t need to download Microsoft’s patch to fix our machines. What is really glaring is that so far as I know there are no open source companies joined to the group to protect the Windows computer. Maybe they should consult with them and teach them how to write software that is not so susceptible to attacks like this.

This whole thing started because of a security vulnerability in the Microsoft OS. When are Microsoft users and companies going to wake up and realize how expensive it is to continue using this brain dead OS? FWIW my definition of brain dead is an OS that has users, administrators and anyone else who uses the machine pointing and clicking to set up the OS and not knowing what they just did. No wonder that OS gets attacked so much.

If you have a Microsoft machine that is infected what you need is the MS08-067 security update. You’ll have to look it up yourself – I have no need for it. You can read more about this fiasco here.

I’ll stick with my Linux and Open Source software thank you very much.

If you have an SSH server that is accessible from the internet then you should look at the DenyHosts application to protect your servers and networks.

DenyHosts protects your servers by parsing your ssh log for failed attempts at ssh login. The log where this is recorded varies by distribution. On Red Hat it is /var/log/secure and /var/log/auth.log on Mandrake. You should have one of these log files on your system

DenyHosts works by monitoring these logs for failed ssh login attempts. It also tracks which user accounts are targeted. When it finds a repeated failures from the same IP address it inserts these into your /etc/hosts.deny file effectively blocking the offending crackers.

Like any security measure this one can be shored up by implementing complementary measures. These would include disallowing root logins, using a port number other than 22 and disabling password logins. All of these can be set in your /etc/ssh/sshd_config file. Your ssh daemon must be restarted after making these changes.

The Distributed Management Task Force (DMTF) released the finished version of the Open Virtualization Format (OVF). The OVF is a set of metadata tags that can be used to deploy virtual environment across multiple virtualization platforms.

Using OVF users can download a virtualized application and run it on the operating system on which it was developed. Since the OVF is not hypervisor dependent users can install it on the virtualizaton platform of their choice. Admins and other users can download the OVF packaged software and install it within their own virtual infrastructure instead of creating the virtualization platform on which the software was originally installed. By using this admins can get new applications into production faster.

OVF is actually a set of metadata that describes the virtualization container. This allows the virtualization platform to translate the machine into it’s own environment. While the practice of competing virtual platforms translating virtual machines to run on their platform is not new until now there has not been an open source application that would wholesale translate any virtual machine into any virtual environment. This is all accomplished by using the metadata standard developed for the OVF,

OVF can also be used to manage virtual machine installations. For example if machines are required to start in a certain order to allow for dependencies the OVF can handle this. You can find out more about the OVF here.

About This Blog

Insight, commentary and examples of applications, scripting and industry news about Linux and open source software. Articles will cover installation and setup of various applications with a focus on open source and Linux.